<?php

/*
	QscTech @ Fcten
*/

!defined('IN_UC') && exit('Access Denied');

class permissionmodel {

	var $db;
	var $base;

	function __construct(&$base) {
		$this->permissionmodel($base);
	}

	function permissionmodel(&$base) {
		$this->base = $base;
		$this->db = $base->db;
	}

	function add($uid,$permission) {
		$user = $this->db->fetch_first("SELECT permission FROM ".UC_DBTABLEPRE."members WHERE uid='$uid'");
		if(!$user) {
			// 用户不存在
			return -1;
		}
		$p = $this->db->fetch_first("SELECT pid FROM ".UC_DBTABLEPRE."permission WHERE pname='$permission'");
		if(!$p) {
			// 权限令牌不存在
			return -2;
		}
		if( $this->_check($user['permission'],$p['pid']) ) {
			return 2;
		} else {
			$this->db->fetch_first("UPDATE ".UC_DBTABLEPRE."members SET permission=permission+".$p['pid']." WHERE uid='$uid'");
			return 1;
		}
	}

	function sub($uid,$permission) {
		$user = $this->db->fetch_first("SELECT permission FROM ".UC_DBTABLEPRE."members WHERE uid='$uid'");
		if(!$user) {
			// 用户不存在
			return -1;
		}
		$p = $this->db->fetch_first("SELECT pid FROM ".UC_DBTABLEPRE."permission WHERE pname='$permission'");
		if(!$p) {
			// 权限令牌不存在
			return -2;
		}
		if( $this->_check($user['permission'],$p['pid']) ) {
			$this->db->query("UPDATE ".UC_DBTABLEPRE."members SET permission=permission-".$p['pid']." WHERE uid='$uid'");
			return 1;
		} else {
			return 2;
		}
	}

	function reg($permission) {
		$p = $this->db->fetch_first("SELECT pid FROM ".UC_DBTABLEPRE."permission WHERE pname='$permission'");
		if($p) {
			// 权限令牌已存在
			return -1;
		}
		$p = $this->db->result("SELECT COUNT(pid) FROM ".UC_DBTABLEPRE."permission");
		if($p>=30) {
			// 权限令牌数量达到上限
			return -2;
		}
		$i = 1;
		while( 1 ) {
			$p = $this->db->fetch_first("SELECT pid FROM ".UC_DBTABLEPRE."permission WHERE pid=$i");
			if($p) {
				// 权限令牌已存在
				$i *= 2;
				continue;
			}
			$this->db->query("INSERT INTO ".UC_DBTABLEPRE."permission (`pid`,`pname`) VALUES ($i,'$permission')");
			return 1;
		}
	}

	function del($permission) {
		$p = $this->db->fetch_first("SELECT pid FROM ".UC_DBTABLEPRE."permission WHERE pname='$permission'");
		if(!$p) {
			// 权限令牌不存在
			return 0;
		}
		$users = $this->db->fetch_all("SELECT uid,permission FROM ".UC_DBTABLEPRE."members");
		foreach( $users as $user ) {
			if( $this->_check( $user['permission'], $p['pid'] ) ) {
				$this->db->query("UPDATE ".UC_DBTABLEPRE."members SET permission=permission-".$p['pid']." WHERE uid=".$user['uid']);
			}
		}
		
		$this->db->query("DELETE FROM ".UC_DBTABLEPRE."permission WHERE pname='$permission'");
		return 1;
	}

	function check($uid,$permission) {
		$user = $this->db->fetch_first("SELECT permission FROM ".UC_DBTABLEPRE."members WHERE uid='$uid'");
		if(!$user) {
			// 用户不存在
			return -1;
		}
		$p = $this->db->fetch_first("SELECT pid FROM ".UC_DBTABLEPRE."permission WHERE pname='$permission'");
		if(!$p) {
			// 权限令牌不存在
			return -2;
		}
		return $this->_check($user['permission'],$p['pid']);
	}

	function _check( $level, $num ) {
		$i = 4294967296;
		while( $i >= 1 ) {
			if( $level >= $i ) {
				if( $num == $i ) return 1;
				$level -= $i;
			}
			$i = $i / 2;
		}
		return 0;
	}

}

?>
